Archive for the ‘Vendor Assessment’ Category

Monitoring and reviewing third party InfoSec services

Control A10 of ISO 27001 requires the outsourcing organization to monitor and review the performance of third-party service providers on a regular basis, including contractors working on critical assets within the scope. A Service Level Agreement (SLA) or Operational Level Agreement (OLA) is the binding legal agreement which includes all the important services to […]


A guide to contract and commercial management for professionals

Contract and Commercial Management “Almost 80% of CEOs say that their organization must get better at managing external relationships. According to The Economist, one of the major reasons why so many relationships end in disappointment is that most organizations ‘are not very good at contracting’. This ground-breaking title from leading authority IACCM (International Association for […]


Laptop security and vendor assessment

Another report of a laptop stolen, this one containing reams of sensitive customer information. The laptop was later returned in the same office complex, to a room which was reportedly locked; however, the sensitive data on the laptop was not encrypted. According to a San Francisco Chronicle article by Deborah Gage (Aug 6, 2008, pg. […]
